I have a similar scenario with a PIX and 3030. The firewall rules look like
access-list outside_acl permit icmp any host 1.1.1.1
access-list outside_acl permit esp any host 1.1.1.1
access-list outside_acl permit udp any host 1.1.1.1 eq isakmp
access-list outside_acl permit udp any host 1.1.1.1 eq 4500
access-list outside_acl permit tcp any host 1.1.1.1 eq 10000
static (dmz,outside) 1.1.1.1 192.168.199.3 netmask 255.255.255.255 0 0
Rick